The challenge of encrypting virtual machines

Andreas Jensen, EMEA Director for Enterprise at WinMagic, highlights 5 areas where IT managers should review their policies and processes to ensure encryption remains that last line of defence.

Virtual Machines have been mainstream for some time, and many IT managers think they have good management processes in place; they know where their machines are, their status, and the function they are performing. But is that enough? Whilst virtual machines (VMs) allow an IT infrastructure to be extremely agile in Private, Public and/or Hybrid Cloud environments, they also create opportunities for weak points, where data can be compromised.

Encryption is one of those major weak points, where VMs can be deployed without an encryption policy being followed, subverting compliance, and leading to machines in a live environment that lack the required protection. More often than not, those VMs will contain sensitive data.

This can mean businesses are exposed to serious risks: Firstly, they fall foul of the data protection requirements and regulations set in place by their industry or law, which could result in a hefty fine, prosecution, or at least an uncomfortable audit report.

The other substantial risk is that of a data breach, which can come in two forms. The first is the accidental disclosure of data by an employee to unauthorised parties. That could be a business partner or employee with access to an application or server, an attachment on an electronic communication, or a VM residing on a server.

Data breaches also occur through hacks, and whilst encryption on its own is not the only form of protection, as part of a wider security strategy and policy it becomes a critical component in protecting sensitive data from exposure and for enforcing various regulatory and sovereignty requirements. With the best will in the world, it is near-impossible to ensure a hacker never compromises the network. When it does happen, encryption becomes the last line of defence – if all critical and sensitive data is systematically encrypted at source then all interested parties are protected, even if the hacker decides to take copies of the data.

There are five key threat areas related to virtual machine management where IT managers should review their policies and the training of staff, in order to make sure encryption is effectively managed across the enterprise:

VM Sprawl

The uncontrolled proliferation of VMs can be one of the biggest challenges and is the first area to review. Who has permission to create them? How are they logged, and is one consistent management platform used to monitor them and enforce policies such as encryption? Whenever a VM machine is created, your systems should automatically enforce encryption if it is required.

Images, Snapshots, Migration, Cloning, Copying

VM Images, cloning, copying and snapshots are the methods by which we deploy, replicate or restore a VM. The same process is used on-premises by the data owner, but may also be instigated by a cloud provider or admin as part of a maintenance schedule or support contract. These capabilities expose VMs to the threat of an image or snapshot being simply copied to another VM or Hypervisor elsewhere, without preserving the encryption. Ensure your management tools are tightly integrated into the VM environment and preserve encryption, wherever a VM, or its content, is moved.

Decommissioned VMs

VMs are very frequently turned off and taken down – and sometimes used for a little as an hour. In these situations, an effective policy needs to be in place that will remove encryption keys from the VM for anything more than brief shutdowns

To avoid data remnant issues, as a matter of policy, VMs should have distinct retirement policies attached to them. When VMs are wiped, even with secure methods, data remnant issues can be a problem. When you decommission a VM, ensure management software can correctly remove the encryption keys before they are wiped. This removes the possibility of future decryption of data remnants.

Golden Image

Protecting the Golden Image of a VM is critical. These master copies are often used by businesses that use VMs to scale up their business, or deploy hardware in multiple locations. Encryption is one way to secure the Golden Image and ensures that unauthorised changes cannot be made, leading to a situation where an incorrect configuration or rogue application could be replicated into a live environment in the future.

Proof that Data is Secure

For compliance and general good governance, it is important to be able to demonstrate that the correct virtual machines are encrypted, protecting the data and applications they contain. Given that demonstrating this is not only good practice, but could be a regulatory requirement, ensure that your management environment, can report on this across on-premise and cloud environments.

Some of this may seem like general housekeeping, and in truth it is, but as anyone that utilises cloud IaaS knows, VMs can get out of control, and be simply forgotten about. The very fact that they are logical, rather than physical, means that we need powerful management software that is not only concerned with the health of that software, but also its complete security status. It’s not simply a case of knowing what is encrypted either; keys have to be managed across the VM, the physical machines, and users that require access, as well as enforcing encryption policy. Don’t let your management of VMs become the weak link in protecting your organisation against the pitfalls of poor encryption.